From 91e825adff4f22882c0f5f6e47b9f07a8627d0e0 Mon Sep 17 00:00:00 2001 From: Will Greenberg Date: Fri, 28 Mar 2025 12:22:32 -0700 Subject: [PATCH 01/10] mac installer: if we've already removed quarantine bit, continue --- dist/install.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/dist/install.sh b/dist/install.sh index ff9347c..7a04482 100755 --- a/dist/install.sh +++ b/dist/install.sh @@ -109,7 +109,8 @@ elif [[ `uname -s` == "Darwin" ]]; then export SERIAL_PATH="./serial-macos-intel/serial" fi export PLATFORM_TOOLS="platform-tools-latest-darwin.zip" - xattr -d com.apple.quarantine "$SERIAL_PATH" + # if we've already deleted this attribute, xattr errors out + xattr -d com.apple.quarantine "$SERIAL_PATH" || echo else echo "This script only supports Linux or macOS" exit 1 From 775468f0376d5f3d356d4c423751a87495ad408a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 8 Apr 2025 02:07:32 +0000 Subject: [PATCH 02/10] Bump tokio from 1.44.1 to 1.44.2 Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.44.1 to 1.44.2. - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.44.1...tokio-1.44.2) --- updated-dependencies: - dependency-name: tokio dependency-version: 1.44.2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Cargo.lock | 4 ++-- bin/Cargo.toml | 2 +- lib/Cargo.toml | 2 +- serial/Cargo.toml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 7b727e5..a6ff49d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1644,9 +1644,9 @@ dependencies = [ [[package]] name = "tokio" -version = "1.44.1" +version = "1.44.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f382da615b842244d4b8738c82ed1275e6c5dd90c459a30941cd07080b06c91a" +checksum = "e6b88822cbe49de4185e3a4cbf8321dd487cf5fe0c5c65695fef6346371e9c48" dependencies = [ "backtrace", "bytes", diff --git a/bin/Cargo.toml b/bin/Cargo.toml index 93e0389..14cf975 100644 --- a/bin/Cargo.toml +++ b/bin/Cargo.toml @@ -15,7 +15,7 @@ path = "src/check.rs" rayhunter = { path = "../lib" } toml = "0.8.8" serde = { version = "1.0.193", features = ["derive"] } -tokio = { version = "1.35.1", features = ["full"] } +tokio = { version = "1.44.2", features = ["full"] } axum = "0.7.3" futures-core = "0.3.30" thiserror = "1.0.52" diff --git a/lib/Cargo.toml b/lib/Cargo.toml index ecde8cf..a565e41 100644 --- a/lib/Cargo.toml +++ b/lib/Cargo.toml @@ -21,7 +21,7 @@ nix = { version = "0.29.0", features = ["feature"] } pcap-file-tokio = "0.1.0" thiserror = "1.0.50" telcom-parser = { path = "../telcom-parser" } -tokio = { version = "1.35.1", features = ["full"] } +tokio = { version = "1.44.2", features = ["full"] } futures-core = "0.3.30" futures = "0.3.30" serde = { version = "1.0.197", features = ["derive"] } diff --git a/serial/Cargo.toml b/serial/Cargo.toml index f69b4be..127bfea 100644 --- a/serial/Cargo.toml +++ b/serial/Cargo.toml @@ -8,4 +8,4 @@ edition = "2021" [dependencies] anyhow = "1.0.97" nusb = "0.1.13" -tokio = { version = "1.44.1", features = ["macros", "rt", "time"] } +tokio = { version = "1.44.2", features = ["macros", "rt", "time"] } From f81adad8979444c818072e9f292b3d5e99234f4b Mon Sep 17 00:00:00 2001 From: Evan Rusmisel Date: Thu, 27 Mar 2025 12:38:36 -0700 Subject: [PATCH 03/10] rusty --- bin/src/daemon.rs | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/bin/src/daemon.rs b/bin/src/daemon.rs index 2ce836d..46523c6 100644 --- a/bin/src/daemon.rs +++ b/bin/src/daemon.rs @@ -162,13 +162,17 @@ fn update_ui(task_tracker: &TaskTracker, config: &config::Config, mut ui_shutdo task_tracker.spawn_blocking(move || { let mut fb: Framebuffer = Framebuffer::new(); - // this feels wrong, is there a more rusty way to do this? - let mut img: Option<&[u8]> = None; - if display_level == 2 { - img = Some(IMAGE_DIR.get_file("orca.gif").expect("failed to read orca.gif").contents()); - } else if display_level == 3 { - img = Some(IMAGE_DIR.get_file("eff.png").expect("failed to read eff.png").contents()); + let img = match display_level { + 2 => Some("orca.gif"), + 3 => Some("eff.png"), + _ => None, } + .map(|n| { + IMAGE_DIR + .get_file(n) + .expect(&format!("failed to read {n}")) + .contents() + }); loop { match ui_shutdown_rx.try_recv() { Ok(_) => { From 4099eb30a51fc17d5e4ba7b8f084ec425fd4cfca Mon Sep 17 00:00:00 2001 From: oopsbagel Date: Mon, 7 Apr 2025 15:54:44 -0700 Subject: [PATCH 04/10] ci: build on ubuntu-24.04-arm (aarch64) --- .github/workflows/build-release.yml | 2 ++ dist/install.sh | 6 +++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-release.yml b/.github/workflows/build-release.yml index d525b99..c956244 100644 --- a/.github/workflows/build-release.yml +++ b/.github/workflows/build-release.yml @@ -14,6 +14,8 @@ jobs: platform: - name: ubuntu-24 os: ubuntu-latest + - name: ubuntu-24-aarch64 + os: ubuntu-24.04-arm - name: macos-arm os: macos-latest - name: macos-intel diff --git a/dist/install.sh b/dist/install.sh index 7a04482..a0c1284 100755 --- a/dist/install.sh +++ b/dist/install.sh @@ -100,7 +100,11 @@ test_rayhunter() { ##### Main ##### ##### ##### ##### if [[ `uname -s` == "Linux" ]]; then - export SERIAL_PATH="./serial-ubuntu-24/serial" + if [[ `uname -m` == "arm64" ]]; then + export SERIAL_PATH="./serial-ubuntu-24-aarch64/serial" + elif [[ `uname -m` == "x86_64" ]]; then + export SERIAL_PATH="./serial-ubuntu-24/serial" + fi export PLATFORM_TOOLS="platform-tools-latest-linux.zip" elif [[ `uname -s` == "Darwin" ]]; then if [[ `uname -m` == "arm64" ]]; then From 60934e593b9f9c9d38fb5c3100e6cf6391fa9b06 Mon Sep 17 00:00:00 2001 From: Sashanoraa Date: Sun, 6 Apr 2025 23:59:44 -0400 Subject: [PATCH 05/10] Add the content length header to the qmdl file response --- bin/src/server.rs | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/bin/src/server.rs b/bin/src/server.rs index c9a531a..28108a8 100644 --- a/bin/src/server.rs +++ b/bin/src/server.rs @@ -1,5 +1,5 @@ use axum::body::Body; -use axum::http::header::{CONTENT_TYPE, self}; +use axum::http::header::{self, CONTENT_LENGTH, CONTENT_TYPE}; use axum::extract::State; use axum::http::{StatusCode, HeaderValue}; use axum::response::{Response, IntoResponse}; @@ -36,7 +36,10 @@ pub async fn get_qmdl(State(state): State>, Path(qmdl_name): Pa let limited_qmdl_file = qmdl_file.take(entry.qmdl_size_bytes as u64); let qmdl_stream = ReaderStream::new(limited_qmdl_file); - let headers = [(CONTENT_TYPE, "application/octet-stream")]; + let headers = [ + (CONTENT_TYPE, "application/octet-stream"), + (CONTENT_LENGTH, &entry.qmdl_size_bytes.to_string()), + ]; let body = Body::from_stream(qmdl_stream); Ok((headers, body).into_response()) } From 5c5333f0c7076803d581042fc2a3ef7fcc19bd8e Mon Sep 17 00:00:00 2001 From: Markus Unterwaditzer Date: Fri, 4 Apr 2025 09:37:43 +0200 Subject: [PATCH 06/10] Remove RecordingCBM Colorblind mode is a property of the respective display, and decision whether to display something in colorblind mode should lie with the display thread. The display thread already needs to know about colorblind mode for the initial state. In #226, there are multiple implementations of display thread, and at least one of them is dealing with a one-bit display anyway. Aside, I think rayhunter should send an initial DisplayState on startup, UI threads should not assume that the device is already recording. But this can be discussed separately. --- bin/src/daemon.rs | 11 ++++++----- bin/src/diag.rs | 6 +----- bin/src/framebuffer.rs | 14 ++++++++------ bin/src/server.rs | 1 - 4 files changed, 15 insertions(+), 17 deletions(-) diff --git a/bin/src/daemon.rs b/bin/src/daemon.rs index 46523c6..7f66850 100644 --- a/bin/src/daemon.rs +++ b/bin/src/daemon.rs @@ -16,7 +16,7 @@ use crate::server::{ServerState, get_qmdl, serve_static}; use crate::pcap::get_pcap; use crate::stats::get_system_stats; use crate::error::RayhunterError; -use crate::framebuffer::Framebuffer; +use crate::framebuffer::{Color565, Framebuffer}; use analysis::{get_analysis_status, run_analysis_thread, start_analysis, AnalysisCtrlMessage, AnalysisStatus}; use axum::response::Redirect; @@ -146,7 +146,7 @@ fn run_ctrl_c_thread( }) } -fn update_ui(task_tracker: &TaskTracker, config: &config::Config, mut ui_shutdown_rx: oneshot::Receiver<()>, mut ui_update_rx: Receiver) -> JoinHandle<()> { +fn update_ui(task_tracker: &TaskTracker, config: &config::Config, mut ui_shutdown_rx: oneshot::Receiver<()>, mut ui_update_rx: Receiver) -> JoinHandle<()> { static IMAGE_DIR: Dir<'_> = include_dir!("$CARGO_MANIFEST_DIR/static/images/"); let mut display_color: framebuffer::Color565; let display_level = config.ui_level; @@ -154,7 +154,9 @@ fn update_ui(task_tracker: &TaskTracker, config: &config::Config, mut ui_shutdo info!("Invisible mode, not spawning UI."); } - if config.colorblind_mode { + let colorblind_mode = config.colorblind_mode; + + if colorblind_mode { display_color = framebuffer::Color565::Blue; } else { display_color = framebuffer::Color565::Green; @@ -184,7 +186,7 @@ fn update_ui(task_tracker: &TaskTracker, config: &config::Config, mut ui_shutdo } match ui_update_rx.try_recv() { Ok(state) => { - display_color = state.into(); + display_color = Color565::from_display_state(state, colorblind_mode); }, Err(tokio::sync::mpsc::error::TryRecvError::Empty) => {}, Err(e) => error!("error receiving framebuffer update message: {e}") @@ -256,7 +258,6 @@ async fn main() -> Result<(), RayhunterError> { debug_mode: config.debug_mode, analysis_status_lock, analysis_sender: analysis_tx, - colorblind_mode: config.colorblind_mode, }); run_server(&task_tracker, &config, state, server_shutdown_rx).await; diff --git a/bin/src/diag.rs b/bin/src/diag.rs index b4b43e0..9ac947f 100644 --- a/bin/src/diag.rs +++ b/bin/src/diag.rs @@ -130,11 +130,7 @@ pub async fn start_recording(State(state): State>) -> Result<(S state.diag_device_ctrl_sender.send(DiagDeviceCtrlMessage::StartRecording((qmdl_writer, analysis_file))).await .map_err(|e| (StatusCode::INTERNAL_SERVER_ERROR, format!("couldn't send stop recording message: {}", e)))?; - let display_state = if state.colorblind_mode { - framebuffer::DisplayState::RecordingCBM - } else { - framebuffer::DisplayState::Recording - }; + let display_state = framebuffer::DisplayState::Recording; state.ui_update_sender.send(display_state).await .map_err(|e| (StatusCode::INTERNAL_SERVER_ERROR, format!("couldn't send ui update message: {}", e)))?; diff --git a/bin/src/framebuffer.rs b/bin/src/framebuffer.rs index 6e1ecd1..db17477 100644 --- a/bin/src/framebuffer.rs +++ b/bin/src/framebuffer.rs @@ -27,15 +27,17 @@ pub enum DisplayState { Recording, Paused, WarningDetected, - RecordingCBM, } -impl From for Color565 { - fn from(state: DisplayState) -> Self { +impl Color565 { + pub fn from_display_state(state: DisplayState, colorblind: bool) -> Self { match state { DisplayState::Paused => Color565::White, - DisplayState::Recording => Color565::Green, - DisplayState::RecordingCBM => Color565::Blue, + DisplayState::Recording => if colorblind { + Color565::Green + } else { + Color565::Blue + }, DisplayState::WarningDetected => Color565::Red, } } @@ -108,4 +110,4 @@ impl Framebuffer<'_>{ } std::fs::write(self.path, &buffer).unwrap(); } -} \ No newline at end of file +} diff --git a/bin/src/server.rs b/bin/src/server.rs index 28108a8..4022275 100644 --- a/bin/src/server.rs +++ b/bin/src/server.rs @@ -23,7 +23,6 @@ pub struct ServerState { pub analysis_status_lock: Arc>, pub analysis_sender: Sender, pub debug_mode: bool, - pub colorblind_mode: bool, } pub async fn get_qmdl(State(state): State>, Path(qmdl_name): Path) -> Result { From 3ac4acd83c75b0ec095237cb9487967458f59287 Mon Sep 17 00:00:00 2001 From: Sashanoraa Date: Fri, 28 Mar 2025 21:57:48 -0400 Subject: [PATCH 07/10] Indent rootshell's code to 4 space like everything else It was three for some reason. --- rootshell/src/main.rs | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/rootshell/src/main.rs b/rootshell/src/main.rs index 9ed5fe6..f06c95b 100644 --- a/rootshell/src/main.rs +++ b/rootshell/src/main.rs @@ -10,27 +10,27 @@ use std::env; use nix::unistd::Gid; fn main() { - let mut args = env::args(); + let mut args = env::args(); - // Android's "paranoid network" feature restricts network access to - // processes in specific groups. More info here: - // https://www.elinux.org/Android_Security#Paranoid_network-ing - #[cfg(target_arch = "arm")] { - let gids = &[ - Gid::from_raw(3003), // AID_INET - Gid::from_raw(3004), // AID_NET_RAW - ]; - nix::unistd::setgroups(gids).expect("setgroups failed"); - } + // Android's "paranoid network" feature restricts network access to + // processes in specific groups. More info here: + // https://www.elinux.org/Android_Security#Paranoid_network-ing + #[cfg(target_arch = "arm")] { + let gids = &[ + Gid::from_raw(3003), // AID_INET + Gid::from_raw(3004), // AID_NET_RAW + ]; + nix::unistd::setgroups(gids).expect("setgroups failed"); + } - // discard argv[0] - let _ = args.next(); - // This call will only return if there is an error - let error = Command::new("/bin/bash") - .args(args) - .uid(0) - .gid(0) - .exec(); - eprintln!("Error running command: {error}"); - std::process::exit(1); + // discard argv[0] + let _ = args.next(); + // This call will only return if there is an error + let error = Command::new("/bin/bash") + .args(args) + .uid(0) + .gid(0) + .exec(); + eprintln!("Error running command: {error}"); + std::process::exit(1); } From 7f990ae4bdbbcfc8b4197ad626dfe01f71a8b06c Mon Sep 17 00:00:00 2001 From: zoracon Date: Fri, 4 Apr 2025 05:52:34 +0900 Subject: [PATCH 08/10] Move issue templates to correct location --- .github/ISSUE_TEMPLATE/bug.yaml | 62 +++++++++++++++++++++++++++++ .github/ISSUE_TEMPLATE/config.yaml | 8 ++++ .github/ISSUE_TEMPLATE/feature.yaml | 27 +++++++++++++ 3 files changed, 97 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/bug.yaml create mode 100644 .github/ISSUE_TEMPLATE/config.yaml create mode 100644 .github/ISSUE_TEMPLATE/feature.yaml diff --git a/.github/ISSUE_TEMPLATE/bug.yaml b/.github/ISSUE_TEMPLATE/bug.yaml new file mode 100644 index 0000000..dee0719 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug.yaml @@ -0,0 +1,62 @@ +name: Bug Report +description: File a bug report. +title: "[Bug]: " +type: Bug +body: + - type: markdown + attributes: + value: | + Thanks for taking the time to fill out this bug report! + - type: input + attributes: + label: Rayhunter Version + description: | + Which version did you install? + placeholder: v0.2.6 + - type: input + attributes: + label: Capture Date + description: | + YYYY-MM-DD + placeholder: 2025-05-01 + validations: + required: true + - type: input + attributes: + label: Capture Location + description: | + (If comfortable disclosing) What region or country were you in? + placeholder: Washington State + validations: + required: false + - type: input + attributes: + label: Device and Model + description: | + Device you installed Rayhunter on to. + placeholder: Orbic RC400L + validations: + required: true + - type: textarea + id: what-happened + attributes: + label: What happened? + description: | + What steps did you take to get to your issue? + placeholder: Tell us what you see! + validations: + required: true + - type: textarea + id: expected + attributes: + label: Expected behavior + description: Rayhunter's behavior differed from what I expected because. + placeholder: "What was expected?" + validations: + required: true + - type: textarea + id: logs + attributes: + label: Relevant log output + description: Rayhunter data captures (QMDL and PCAP logs) or error codes + render: shell diff --git a/.github/ISSUE_TEMPLATE/config.yaml b/.github/ISSUE_TEMPLATE/config.yaml new file mode 100644 index 0000000..35b33e2 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/config.yaml @@ -0,0 +1,8 @@ +blank_issues_enabled: false +contact_links: + - name: Rayhunter Mattermost + url: https://opensource.eff.org/signup_user_complete/?id=6iqur37ucfrctfswrs14iscobw&md=link&sbr=su + about: If you're having trouble using Rayhunter and aren't sure you've found a bug or request for a new feature, please first try asking for help here. There is a much larger community there of people familiar with the project who will be able to more quickly answer your questions. + - name: Rayhunter Security Policy + url: https://github.com/EFForg/rayhunter/security/advisories/new + about: Please report security vulnerabilities here. diff --git a/.github/ISSUE_TEMPLATE/feature.yaml b/.github/ISSUE_TEMPLATE/feature.yaml new file mode 100644 index 0000000..1e2a35a --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature.yaml @@ -0,0 +1,27 @@ +name: Feature Request +description: Suggest a new feature or improvement to Rayhunter +title: "[Feature Request]: " +labels: ["enhancement"] +body: + - type: textarea + id: problem + attributes: + label: What problem does this feature solve or what does it enhance? + description: Explain what this feature addresses, ors the benefit it provides. + placeholder: For example, "Currently, users have to manually do X, which is time-consuming." + validations: + required: true + - type: textarea + id: solution + attributes: + label: Proposed Solution + description: Describe the solution you'd like to see implemented. + placeholder: For example, "Implement a new button that automatically does X." + validations: + required: true + - type: textarea + id: alternatives + attributes: + label: Alternatives Considered + description: Have you considered any alternative solutions? + placeholder: For example, "We considered Y, but Z is a better approach because..." From e864ce0a51d677730ba736f591befb0ea4681a9f Mon Sep 17 00:00:00 2001 From: Will Greenberg Date: Thu, 27 Mar 2025 11:19:32 -0700 Subject: [PATCH 09/10] Add PR template --- .github/pull_request_template.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 .github/pull_request_template.md diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 0000000..bf632e2 --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,4 @@ +## Pull Request Checklist + +- [ ] The Rayhunter team has recently expressed interest in reviewing a PR for this. If not, this PR may be closed due our limited resources and need to prioritize how we spend them. +- [ ] Add or update any documentation as needed to support the changes in this PR. From fb9c4ab85b0325b47f60efad31fa54b88ce0c831 Mon Sep 17 00:00:00 2001 From: Will Greenberg Date: Tue, 8 Apr 2025 09:54:27 -0700 Subject: [PATCH 10/10] Update pull_request_template.md --- .github/pull_request_template.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index bf632e2..348f0ac 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -1,4 +1,6 @@ ## Pull Request Checklist - [ ] The Rayhunter team has recently expressed interest in reviewing a PR for this. If not, this PR may be closed due our limited resources and need to prioritize how we spend them. -- [ ] Add or update any documentation as needed to support the changes in this PR. +- [ ] Added or updated any documentation as needed to support the changes in this PR. +- [ ] Code has been linted and run through `cargo fmt` +- [ ] If any new functionality has been added, unit tests were also added